Retrieve profiles
Last update: March 7, 2025
- Topics:
- Authentication
IMPORTANTThe content on this page is provided for information purposes only. Usage of this API requires a current license from Adobe. No unauthorized use is permitted.
IMPORTANTREST API V2 implementation is bounded by the Throttling mechanism documentation.
Related Articles
Make sure to also visit the REST API V2 FAQs.
Request
HTTP
path
/api/v2/{serviceProvider}/profiles
method
GET
Path Parameters
serviceProvider
The internal unique identifier associated with the Service Provider during onboarding process.
required
Headers
Authorization
The generation of the bearer token payload is described in the Authorization header documentation.
required
AP-Device-Identifier
The generation of the device identifier payload is described in the AP-Device-Identifier header documentation.
required
X-Device-Info
The generation of the device information payload is described in the X-Device-Info header documentation.
It is strongly recommended to always use it when the application's device platform allows for the explicit provision of valid values.
When provided, the Adobe Pass Authentication backend will merge explicitly set values with extracted values implicitly (by default).
When not provided, the Adobe Pass Authentication backend will use extracted values implicitly (by default).
It is strongly recommended to always use it when the application's device platform allows for the explicit provision of valid values.
When provided, the Adobe Pass Authentication backend will merge explicitly set values with extracted values implicitly (by default).
When not provided, the Adobe Pass Authentication backend will use extracted values implicitly (by default).
required
X-Forwarded-For
The IP address of the streaming device.
It is strongly recommended to always use it for server to server implementations, particularly when the call is made by the programmer service rather than the streaming device.
For client to server implementations, the IP address of the streaming device is sent implicitly.
It is strongly recommended to always use it for server to server implementations, particularly when the call is made by the programmer service rather than the streaming device.
For client to server implementations, the IP address of the streaming device is sent implicitly.
optional
Adobe-Subject-Token
The generation of the single sign-on payload for the Platform Identity method is described in the Adobe-Subject-Token header documentation.
For more details about single sign-on enabled flows using a platform identity, refer to the Single sign-on using platform identity flows documentation.
For more details about single sign-on enabled flows using a platform identity, refer to the Single sign-on using platform identity flows documentation.
optional
AD-Service-Token
The generation of the single sign-on payload for the Service Token method is described in the AD-Service-Token header documentation.
For more details about single sign-on enabled flows using a service token, refer to the Single sign-on using service token flows documentation.
For more details about single sign-on enabled flows using a service token, refer to the Single sign-on using service token flows documentation.
optional
AP-Partner-Framework-Status
The generation of the single sign-on payload for the Partner method is described in the AP-Partner-Framework-Status header documentation.
For more details about single sign-on enabled flows using a partner, refer to the Single sign-on using partner flows documentation.
For more details about single sign-on enabled flows using a partner, refer to the Single sign-on using partner flows documentation.
optional
Accept
The media type accepted by the client application.
If specified, it must be application/json.
If specified, it must be application/json.
optional
User-Agent
The user agent of the client application.
optional
Response
Code
Text
Description
200
OK
The response body contains a map of valid profiles, which may be empty.
400
Bad Request
The request is invalid, the client needs to correct the request and try again. The response body may contain error information that adheres to the Enhanced Error Codes documentation.
401
Unauthorized
The access token is invalid, the client needs to obtain a new access token and try again. For more details refer to the Dynamic Client Registration Overview documentation.
405
Method Not Allowed
The HTTP method is invalid, the client needs to use an HTTP method that is permitted for the requested resource and try again. For more details refer to the Request section.
500
Internal Server Error
The server side encountered an issue. The response body may contain error information that adheres to the Enhanced Error Codes documentation.
Success
Headers
Status
200
required
Content-Type
application/json
required
Body
profiles
JSON containing a map of key, value pairs.
The key element is defined by the following value:
Value
mvpd
The internal unique identifier associated with the Identity Provider during onboarding process.
required
The value element is defined by the following attributes:
Attribute
notBefore
The timestamp before which the profile is not valid.
required
notAfter
The timestamp after which the profile is not valid.
required
issuer
The entity that owns the profile.
The possible values are:
- mvpd (e.g., Spectrum, Cablevision, etc.)
The profile was created as a result of: basic authentication, single sign-on using platform identity, or single sign-on using service token. - Apple
The profile was created as a result of: single sign-on using partner Apple.
required
type
The type of the profile.
The possible values are:
- regular
The profile was created as a result of: basic authentication. - appleSSO
The profile was created as a result of: single sign-on using partner Apple. - platformSSO
The profile was created as a result of: single sign-on using platform identity. - serviceTokenSSO
The profile was created as a result of: single sign-on using service token.
required
attributes
The list of user metadata attributes.
These attributes can be:
- Mandatory, like 'userID'
- Non-mandatory, like 'zip', 'householdID', 'maxRating', etc.
The values for the attributes can be:
- simple
- list
- map
required
required
Error
Headers
Status
400, 401, 405, 500
required
Content-Type
application/json
required
Body
The response body may provide additional error information that adheres to the Enhanced Error Codes documentation.
required
Samples
1. Retrieve profiles obtained through basic authentication
Request
GET /api/v2/REF30/profiles HTTP/1.1
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjNGZjM2U3ZS0xMmQ5LTQ5NWQtYjc0Mi02YWVhYzhhNDkwZTciLCJuYmYiOjE3MjQwODc4NjgsImlzcyI6ImF1dGguYWRvYmUuY29tIiwic2NvcGVzIjoiYXBpOmNsaWVudDp2MiIsImV4cCI6MTcyNDEwOTQ2OCwiaWF0IjoxNzI0MDg3ODY4fQ.DJ9GFl_yKAp2Qw-NVcBeRSnxIhqrwxhns5T5jU31N2tiHxCucKLSQ5guBygqkkJx6D0N_93f50meEEyfb7frbHhVHHwmRjHYjkfrWqHCpviwVjVZKKwl8Y3FEMb0bjKIB8p_E3txX9IbzeNGWRufZBRh2sxB5Q9B7XYINpVfh8s_sFvskrbDu5c01neCx5kEagEW5CtE0_EXTgEb5FSr_SfQG3UUu_iwlkOggOh_kOP_5GueElf9jn-bYBMnpObyN5s-FzuHDG5Rtac5rvcWqVW2reEqFTHqLI4rVC7UKQb6DSvPBPV4AgrutAvk30CYgDsOQILVyrjniincp7r9Ww
AP-Device-Identifier: fingerprint YmEyM2QxNDEtZDcxNS01NjFjLTk0ZjQtZTllNGM5NjZiMWVi
X-Device-Info: ewoJInByaW1hcnlIYXJkd2FyZVR5cGUiOiAiU2V0VG9wQm94IiwKCSJtb2RlbCI6ICJUViA1dGggR2VuIiwKCSJtYW51ZmFjdHVyZXIiOiAiQXBwbGUiLAoJIm9zTmFtZSI6ICJ0dk9TIgoJIm9zVmVuZG9yIjogIkFwcGxlIiwKCSJvc1ZlcnNpb24iOiAiMTEuMCIKfQ==
Accept: application/json
User-Agent: Mozilla/5.0 (Apple TV; U; CPU AppleTV5,3 OS 11.0 like Mac OS X; en_US)
Response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"profiles": {
"Cablevision": {
"notBefore": 1623943955,
"notAfter": 1623951155,
"issuer": "Cablevision",
"type": "regular",
"attributes": {
"userID": {
"value": "BASE64_value_userId",
"state": "plain"
},
"householdID": {
"value": "BASE64_value_householdId",
"state": "plain"
},
"zip": {
"value": "BASE64_value_zip",
"state": "enc"
}
}
},
"Spectrum": {
"notBefore": 1623943955,
"notAfter": 1623951155,
"issuer": "Spectrum",
"type": "regular",
"attributes": {
"userID": {
"value": "BASE64_value_userId",
"state": "plain"
}
}
}
}
}
2. Retrieve profiles obtained through basic authentication or single sign-on using Service Token method
Request
GET /api/v2/REF30/profiles HTTP/1.1
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjNGZjM2U3ZS0xMmQ5LTQ5NWQtYjc0Mi02YWVhYzhhNDkwZTciLCJuYmYiOjE3MjQwODc4NjgsImlzcyI6ImF1dGguYWRvYmUuY29tIiwic2NvcGVzIjoiYXBpOmNsaWVudDp2MiIsImV4cCI6MTcyNDEwOTQ2OCwiaWF0IjoxNzI0MDg3ODY4fQ.DJ9GFl_yKAp2Qw-NVcBeRSnxIhqrwxhns5T5jU31N2tiHxCucKLSQ5guBygqkkJx6D0N_93f50meEEyfb7frbHhVHHwmRjHYjkfrWqHCpviwVjVZKKwl8Y3FEMb0bjKIB8p_E3txX9IbzeNGWRufZBRh2sxB5Q9B7XYINpVfh8s_sFvskrbDu5c01neCx5kEagEW5CtE0_EXTgEb5FSr_SfQG3UUu_iwlkOggOh_kOP_5GueElf9jn-bYBMnpObyN5s-FzuHDG5Rtac5rvcWqVW2reEqFTHqLI4rVC7UKQb6DSvPBPV4AgrutAvk30CYgDsOQILVyrjniincp7r9Ww
AP-Device-Identifier: fingerprint YmEyM2QxNDEtZDcxNS01NjFjLTk0ZjQtZTllNGM5NjZiMWVi
X-Device-Info: ewoJInByaW1hcnlIYXJkd2FyZVR5cGUiOiAiU2V0VG9wQm94IiwKCSJtb2RlbCI6ICJUViA1dGggR2VuIiwKCSJtYW51ZmFjdHVyZXIiOiAiQXBwbGUiLAoJIm9zTmFtZSI6ICJ0dk9TIgoJIm9zVmVuZG9yIjogIkFwcGxlIiwKCSJvc1ZlcnNpb24iOiAiMTEuMCIKfQ==
AD-Service-Token: eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJkZDNmYWIyN2NmMjg0ZmU2ZWU0ZDY3ZmExZjY4MzE3YyIsImlzcyI6IkFkb2JlIiw.....
Accept: application/json
User-Agent: Mozilla/5.0 (Apple TV; U; CPU AppleTV5,3 OS 11.0 like Mac OS X; en_US)
Response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"profiles": {
"AdobeShibboleth": {
"notBefore": 1748073636999,
"notAfter": 1748105173000,
"issuer": "AdobeShibboleth",
"type": "serviceTokenSSO",
"attributes": {
"upstreamUserID": {
"value": "AAdzZWNyZXQxydCkywfPBl0KExk8OWhdbUBVDDJBttfKD7RAcRlc32Pbuwd1...",
"state": "plain"
},
"userID": {
"value": "AAdzZWNyZXQxydCkywfPBl0KExk8OWhdbUBVDDJBttfKD7RAcRlc32Pbuwd14aTV....",
"state": "plain"
},
"mvpd": {
"value": "AdobeShibboleth",
"state": "plain"
}
}
},
"Spectrum": {
"notBefore": 1623943955,
"notAfter": 1623951155,
"issuer": "Spectrum",
"type": "regular",
"attributes": {
"userID": {
"value": "BASE64_value_userId",
"state": "plain"
}
}
}
}
}
3. Retrieve profiles obtained through basic authentication or single sign-on using Platform Identity method
Request
GET /api/v2/REF30/profiles HTTP/1.1
Authorization: Bearer eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiJjNGZjM2U3ZS0xMmQ5LTQ5NWQtYjc0Mi02YWVhYzhhNDkwZTciLCJuYmYiOjE3MjQwODc4NjgsImlzcyI6ImF1dGguYWRvYmUuY29tIiwic2NvcGVzIjoiYXBpOmNsaWVudDp2MiIsImV4cCI6MTcyNDEwOTQ2OCwiaWF0IjoxNzI0MDg3ODY4fQ.DJ9GFl_yKAp2Qw-NVcBeRSnxIhqrwxhns5T5jU31N2tiHxCucKLSQ5guBygqkkJx6D0N_93f50meEEyfb7frbHhVHHwmRjHYjkfrWqHCpviwVjVZKKwl8Y3FEMb0bjKIB8p_E3txX9IbzeNGWRufZBRh2sxB5Q9B7XYINpVfh8s_sFvskrbDu5c01neCx5kEagEW5CtE0_EXTgEb5FSr_SfQG3UUu_iwlkOggOh_kOP_5GueElf9jn-bYBMnpObyN5s-FzuHDG5Rtac5rvcWqVW2reEqFTHqLI4rVC7UKQb6DSvPBPV4AgrutAvk30CYgDsOQILVyrjniincp7r9Ww
AP-Device-Identifier: fingerprint YmEyM2QxNDEtZDcxNS01NjFjLTk0ZjQtZTllNGM5NjZiMWVi
X-Device-Info: ewoJInByaW1hcnlIYXJkd2FyZVR5cGUiOiAiU2V0VG9wQm94IiwKCSJtb2RlbCI6ICJUViA1dGggR2VuIiwKCSJtYW51ZmFjdHVyZXIiOiAiQXBwbGUiLAoJIm9zTmFtZSI6ICJ0dk9TIgoJIm9zVmVuZG9yIjogIkFwcGxlIiwKCSJvc1ZlcnNpb24iOiAiMTEuMCIKfQ==
Adobe-Subject-Token: eyJhbGciOiJSUzI1NiJ9.eyJzdWIiOiIyMmM4MDU1MjEzMDIwYzhmZGYzOGZkMTI1YWViMzUzYSIsImlzcyI6....
Accept: application/json
User-Agent: Mozilla/5.0 (Apple TV; U; CPU AppleTV5,3 OS 11.0 like Mac OS X; en_US)
Response
HTTP/1.1 200 OK
Content-Type: application/json;charset=UTF-8
{
"profiles": {
"AdobePass_SMI": {
"notBefore": 1724337476000,
"notAfter": 1724345252000,
"issuer": "AdobePass_SMI",
"type": "platformSSO",
"attributes": {
"upstreamUserID": {
"value": "38524bdc3d1caac0b3e139003ea0954e15ad9648",
"state": "plain"
},
"userID": {
"value": "38524bdc3d1caac0b3e139003ea0954e15ad9648",
"state": "plain"
},
"mvpd": {
"value": "AdobePass_SMI",
"state": "plain"
}
}
},
"Cablevision": {
"notBefore": 1623943955,
"notAfter": 1623951155,
"issuer": "Spectrum",
"type": "regular",
"attributes": {
"userID": {
"value": "BASE64_value_userId",
"state": "plain"
}
}
}
}
}
recommendation-more-help
3f5e655c-af63-48cc-9769-2b6803cc5f4b